alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Activity

chore: Update manifests after change

Browse Source
This commit is contained in:
gitea-bot
2026-03-06 05:02:22 +00:00
parent 7b51891a5a
commit bff5cf9fe6
24 changed files with 427 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
clusters/cl01tl/manifests/harbor/ConfigMap-harbor-core.yaml
View File

@@ -42,8 +42,8 @@ data:
LOG_LEVEL: "info" LOG_LEVEL: "info"
CONFIG_PATH: "/etc/core/app.conf" CONFIG_PATH: "/etc/core/app.conf"
CHART_CACHE_DRIVER: "redis" CHART_CACHE_DRIVER: "redis"
_REDIS_URL_CORE: "redis://redis-replication-harbor-master.harbor:6379/0?idle_timeout_seconds=30" _REDIS_URL_CORE: "redis://harbor-valkey.harbor:6379/0?idle_timeout_seconds=30"
_REDIS_URL_REG: "redis://redis-replication-harbor-master.harbor:6379/2?idle_timeout_seconds=30" _REDIS_URL_REG: "redis://harbor-valkey.harbor:6379/2?idle_timeout_seconds=30"
PORTAL_URL: "http://harbor-portal" PORTAL_URL: "http://harbor-portal"
REGISTRY_CONTROLLER_URL: "http://harbor-registry:8080" REGISTRY_CONTROLLER_URL: "http://harbor-registry:8080"
REGISTRY_CREDENTIAL_USERNAME: "harbor_registry_user" REGISTRY_CREDENTIAL_USERNAME: "harbor_registry_user"

2
clusters/cl01tl/manifests/harbor/ConfigMap-harbor-exporter-env.yaml
View File

@@ -25,7 +25,7 @@ data:
HARBOR_EXPORTER_CACHE_CLEAN_INTERVAL: "14400" HARBOR_EXPORTER_CACHE_CLEAN_INTERVAL: "14400"
HARBOR_METRIC_NAMESPACE: harbor HARBOR_METRIC_NAMESPACE: harbor
HARBOR_METRIC_SUBSYSTEM: exporter HARBOR_METRIC_SUBSYSTEM: exporter
HARBOR_REDIS_URL: "redis://redis-replication-harbor-master.harbor:6379/1" HARBOR_REDIS_URL: "redis://harbor-valkey.harbor:6379/1"
HARBOR_REDIS_NAMESPACE: harbor_job_service_namespace HARBOR_REDIS_NAMESPACE: harbor_job_service_namespace
HARBOR_REDIS_TIMEOUT: "3600" HARBOR_REDIS_TIMEOUT: "3600"
HARBOR_SERVICE_SCHEME: "http" HARBOR_SERVICE_SCHEME: "http"

2
clusters/cl01tl/manifests/harbor/ConfigMap-harbor-jobservice-env.yaml
View File

@@ -27,6 +27,6 @@ data:
NO_PROXY: "harbor-core,harbor-jobservice,harbor-database,harbor-registry,harbor-portal,harbor-trivy,harbor-exporter,127.0.0.1,localhost,.local,.internal" NO_PROXY: "harbor-core,harbor-jobservice,harbor-database,harbor-registry,harbor-portal,harbor-trivy,harbor-exporter,127.0.0.1,localhost,.local,.internal"
METRIC_NAMESPACE: harbor METRIC_NAMESPACE: harbor
METRIC_SUBSYSTEM: jobservice METRIC_SUBSYSTEM: jobservice
_REDIS_URL_CORE: "redis://redis-replication-harbor-master.harbor:6379/0?idle_timeout_seconds=30" _REDIS_URL_CORE: "redis://harbor-valkey.harbor:6379/0?idle_timeout_seconds=30"
CACHE_ENABLED: "true" CACHE_ENABLED: "true"
CACHE_EXPIRE_HOURS: "24" CACHE_EXPIRE_HOURS: "24"

2
clusters/cl01tl/manifests/harbor/ConfigMap-harbor-jobservice.yaml
View File

@@ -22,7 +22,7 @@ data:
workers: 10 workers: 10
backend: "redis" backend: "redis"
redis_pool: redis_pool:
redis_url: "redis://redis-replication-harbor-master.harbor:6379/1" redis_url: "redis://harbor-valkey.harbor:6379/1"
namespace: "harbor_job_service_namespace" namespace: "harbor_job_service_namespace"
idle_timeout_second: 3600 idle_timeout_second: 3600
job_loggers: job_loggers:

2
clusters/cl01tl/manifests/harbor/ConfigMap-harbor-registry.yaml
View File

@@ -36,7 +36,7 @@ data:
redirect: redirect:
disable: false disable: false
redis: redis:
addr: redis-replication-harbor-master.harbor:6379 addr: harbor-valkey.harbor:6379
db: 2 db: 2
readtimeout: 10s readtimeout: 10s
writetimeout: 10s writetimeout: 10s

87
clusters/cl01tl/manifests/harbor/ConfigMap-harbor-valkey-init-scripts.yaml Normal file
View File

@@ -0,0 +1,87 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: harbor-valkey-init-scripts
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
data:
init.sh: |-
#!/bin/sh
set -eu
# Default config paths
VALKEY_CONFIG=${VALKEY_CONFIG_PATH:-/data/conf/valkey.conf}
LOGFILE="/data/init.log"
DATA_DIR="/data/conf"
# Logging function (outputs to stderr and file)
log() {
echo "$(date) $1" | tee -a "$LOGFILE" >&2
}
# Clean old log if requested
if [ "${KEEP_OLD_LOGS:-false}" != "true" ]; then
rm -f "$LOGFILE"
fi
if [ -f "$LOGFILE" ]; then
log "Detected restart of this instance ($HOSTNAME)"
fi
log "Creating configuration in $DATA_DIR..."
mkdir -p "$DATA_DIR"
rm -f "$VALKEY_CONFIG"
# Base valkey.conf
log "Generating base valkey.conf"
{
echo "port 6379"
echo "protected-mode no"
echo "bind * -::*"
echo "dir /data"
} >>"$VALKEY_CONFIG"
# Replica mode configuration
log "Configuring replication mode"
# Use POD_INDEX from Kubernetes metadata
POD_INDEX=${POD_INDEX:-0}
IS_MASTER=false
# Check if this is pod-0 (master)
if [ "$POD_INDEX" = "0" ]; then
IS_MASTER=true
log "This pod (index $POD_INDEX) is configured as MASTER"
else
log "This pod (index $POD_INDEX) is configured as REPLICA"
fi
# Configure replica settings
if [ "$IS_MASTER" = "false" ]; then
MASTER_HOST="harbor-valkey-0.harbor-valkey-headless.harbor.svc.cluster.local"
MASTER_PORT="6379"
log "Configuring replica to follow master at $MASTER_HOST:$MASTER_PORT"
{
echo ""
echo "# Replica Configuration"
echo "replicaof $MASTER_HOST $MASTER_PORT"
echo "replica-announce-ip harbor-valkey-$POD_INDEX.harbor-valkey-headless.harbor.svc.cluster.local"
} >>"$VALKEY_CONFIG"
fi
# Append extra configs if present
if [ -f /usr/local/etc/valkey/valkey.conf ]; then
log "Appending /usr/local/etc/valkey/valkey.conf"
cat /usr/local/etc/valkey/valkey.conf >>"$VALKEY_CONFIG"
fi
if [ -d /extravalkeyconfigs ]; then
log "Appending files in /extravalkeyconfigs/"
cat /extravalkeyconfigs/* >>"$VALKEY_CONFIG"
fi

2
clusters/cl01tl/manifests/harbor/Deployment-harbor-core.yaml
View File

@@ -38,7 +38,7 @@ spec:
component: core component: core
app.kubernetes.io/component: core app.kubernetes.io/component: core
annotations: annotations:
checksum/configmap: fc81233666d101bbd9d2cb96796ecf0dcb1badfaca0fa71238b65c05ac9cc71f checksum/configmap: 1cd92d6ad655a3c1d33e18b68b16811a6876c079f89d8e606ae522d6c43f1278
checksum/secret: ea96175d9d13685272268c622197e7f602ef7f436c55dafd8e625f468586290d checksum/secret: ea96175d9d13685272268c622197e7f602ef7f436c55dafd8e625f468586290d
checksum/secret-jobservice: d997909ea151f04cd3c6ce0da2b1e4b09ab6eecdc3d048c0d3aedf21b23285ba checksum/secret-jobservice: d997909ea151f04cd3c6ce0da2b1e4b09ab6eecdc3d048c0d3aedf21b23285ba
spec: spec:

2
clusters/cl01tl/manifests/harbor/Deployment-harbor-exporter.yaml
View File

@@ -38,7 +38,7 @@ spec:
component: exporter component: exporter
app.kubernetes.io/component: exporter app.kubernetes.io/component: exporter
annotations: annotations:
checksum/configmap: 20d7a4e0e881e012308448465114462b7e6d6a1df6f6860b308a279f8815ea08 checksum/configmap: c04bce2b69f581921ad9549dc4f41bf335ff506bfe8ce654eb45400623e6f462
checksum/secret: 8905c1701a3ab4bcddb0c66b5428b18255fa8d3f4d1ff790897c401abd04485f checksum/secret: 8905c1701a3ab4bcddb0c66b5428b18255fa8d3f4d1ff790897c401abd04485f
spec: spec:
securityContext: securityContext:

4
clusters/cl01tl/manifests/harbor/Deployment-harbor-jobservice.yaml
View File

@@ -41,8 +41,8 @@ spec:
component: jobservice component: jobservice
app.kubernetes.io/component: jobservice app.kubernetes.io/component: jobservice
annotations: annotations:
checksum/configmap: 5ca4ab1b168eaf25d971fa6d3cda24f9631a74065926b9760d79d0e19589886f checksum/configmap: c6704bb870a06299b2ffcf517be5d3ce2b8584f784ee45924ffd5c1e7c3d7d88
checksum/configmap-env: 6bc09dbefdd38703b3b4a150ac23b43ebfc6b8d5a77e61983a8c68a3588d02bf checksum/configmap-env: b3e100f4d68eea17ef740a80b17978219f5b92eb30014551a4eadfebadfe70f1
checksum/secret: d997909ea151f04cd3c6ce0da2b1e4b09ab6eecdc3d048c0d3aedf21b23285ba checksum/secret: d997909ea151f04cd3c6ce0da2b1e4b09ab6eecdc3d048c0d3aedf21b23285ba
checksum/secret-core: ea96175d9d13685272268c622197e7f602ef7f436c55dafd8e625f468586290d checksum/secret-core: ea96175d9d13685272268c622197e7f602ef7f436c55dafd8e625f468586290d
spec: spec:

2
clusters/cl01tl/manifests/harbor/Deployment-harbor-registry.yaml
View File

@@ -41,7 +41,7 @@ spec:
component: registry component: registry
app.kubernetes.io/component: registry app.kubernetes.io/component: registry
annotations: annotations:
checksum/configmap: 09248f8f683f624ab07d08786a9f8aaa38d03fa22c6b81d4ad32c3ddf25509ec checksum/configmap: a765dd6fb9d5e9f003853b3f23a72a47461637085500e3c3c24759916a6f5f34
checksum/secret: 532881bd1d1d6c57ab80f3b04a516655345de38da400ba7e22511f263226bd48 checksum/secret: 532881bd1d1d6c57ab80f3b04a516655345de38da400ba7e22511f263226bd48
checksum/secret-jobservice: d997909ea151f04cd3c6ce0da2b1e4b09ab6eecdc3d048c0d3aedf21b23285ba checksum/secret-jobservice: d997909ea151f04cd3c6ce0da2b1e4b09ab6eecdc3d048c0d3aedf21b23285ba
checksum/secret-core: ea96175d9d13685272268c622197e7f602ef7f436c55dafd8e625f468586290d checksum/secret-core: ea96175d9d13685272268c622197e7f602ef7f436c55dafd8e625f468586290d

8
clusters/cl01tl/manifests/harbor/HTTPRoute-harbor-route.yaml
View File

@@ -5,10 +5,10 @@ metadata:
namespace: "harbor" namespace: "harbor"
spec: spec:
parentRefs: parentRefs:
- group: gateway.networking.k8s.io group: gateway.networking.k8s.io
kind: Gateway kind: Gateway
name: traefik-gateway name: traefik-gateway
namespace: traefik namespace: traefik
hostnames: hostnames:
- harbor.alexlebens.net - harbor.alexlebens.net
rules: rules:

23
clusters/cl01tl/manifests/harbor/PodMonitor-harbor-valkey.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: harbor-valkey
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: valkey
app.kubernetes.io/component: podmonitor
spec:
podMetricsEndpoints:
- port: metrics
interval: 30s
namespaceSelector:
matchNames:
- harbor
selector:
matchLabels:
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor

47
clusters/cl01tl/manifests/harbor/PrometheusRule-harbor-valkey.yaml Normal file
View File

@@ -0,0 +1,47 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: harbor-valkey
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: valkey
spec:
groups:
- name: harbor-valkey
rules:
- alert: ValkeyDown
annotations:
description: Valkey instance {{ $labels.instance }} is down.
summary: Valkey instance {{ $labels.instance }} down
expr: |
redis_up{service="harbor-valkey-metrics"} == 0
for: 2m
labels:
severity: error
- alert: ValkeyMemoryHigh
annotations:
description: |
Valkey instance {{ $labels.instance }} is using {{ $value }}% of its available memory.
summary: Valkey instance {{ $labels.instance }} is using too much memory
expr: |
redis_memory_used_bytes{service="harbor-valkey-metrics"} * 100
/
redis_memory_max_bytes{service="harbor-valkey-metrics"}
> 90 <= 100
for: 2m
labels:
severity: error
- alert: ValkeyKeyEviction
annotations:
description: |
Valkey instance {{ $labels.instance }} has evicted {{ $value }} keys in the last 5 minutes.
summary: Valkey instance {{ $labels.instance }} has evicted keys
expr: |
increase(redis_evicted_keys_total{service="harbor-valkey-metrics"}[5m]) > 0
for: 1s
labels:
severity: error

44
clusters/cl01tl/manifests/harbor/RedisReplication-redis-replication-harbor.yaml
View File

@@ -1,44 +0,0 @@
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: redis-replication-harbor
namespace: harbor
labels:
helm.sh/chart: redis-replication-1.0.4
app.kubernetes.io/version: "1.0.4"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis-replication-harbor
app.kubernetes.io/instance: harbor
app.kubernetes.io/part-of: harbor
spec:
clusterSize: 3
podSecurityContext:
fsGroup: 1000
runAsUser: 1000
kubernetesConfig:
image: "quay.io/opstree/redis:v8.4.0"
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 10m
memory: 32Mi
storage:
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: ceph-block
redisExporter:
enabled: true
image: "quay.io/opstree/redis-exporter:v1.80.2"
sentinel:
image: "quay.io/opstree/redis-sentinel:v8.4.0"
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 10m
memory: 32Mi
size: 3

2
clusters/cl01tl/manifests/harbor/Secret-harbor-trivy.yaml
View File

@@ -15,5 +15,5 @@ metadata:
app.kubernetes.io/version: "2.14.2" app.kubernetes.io/version: "2.14.2"
type: Opaque type: Opaque
data: data:
redisURL: cmVkaXM6Ly9yZWRpcy1yZXBsaWNhdGlvbi1oYXJib3ItbWFzdGVyLmhhcmJvcjo2Mzc5LzU/aWRsZV90aW1lb3V0X3NlY29uZHM9MzA= redisURL: cmVkaXM6Ly9oYXJib3ItdmFsa2V5LmhhcmJvcjo2Mzc5LzU/aWRsZV90aW1lb3V0X3NlY29uZHM9MzA=
gitHubToken: "" gitHubToken: ""

23
clusters/cl01tl/manifests/harbor/Service-harbor-valkey-headless.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: v1
kind: Service
metadata:
name: harbor-valkey-headless
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: headless
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: tcp
port: 6379
targetPort: tcp
protocol: TCP
selector:
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor

23
clusters/cl01tl/manifests/harbor/Service-harbor-valkey-metrics.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: v1
kind: Service
metadata:
name: harbor-valkey-metrics
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: metrics
app.kubernetes.io/part-of: valkey
annotations:
spec:
type: ClusterIP
ports:
- name: metrics
port: 9121
protocol: TCP
targetPort: metrics
selector:
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor

21
clusters/cl01tl/manifests/harbor/Service-harbor-valkey-read.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
name: harbor-valkey-read
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: read
spec:
type: ClusterIP
ports:
- name: tcp
port: 6379
targetPort: tcp
protocol: TCP
selector:
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor

22
clusters/cl01tl/manifests/harbor/Service-harbor-valkey.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: v1
kind: Service
metadata:
name: harbor-valkey
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: primary
spec:
type: ClusterIP
ports:
- port: 6379
targetPort: tcp
protocol: TCP
name: tcp
selector:
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
statefulset.kubernetes.io/pod-name: harbor-valkey-0

11
clusters/cl01tl/manifests/harbor/ServiceAccount-harbor-valkey.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: harbor-valkey
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
automountServiceAccountToken: false

24
clusters/cl01tl/manifests/harbor/ServiceMonitor-harbor-valkey.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: harbor-valkey
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: valkey
app.kubernetes.io/component: service-monitor
spec:
endpoints:
- port: metrics
interval: 30s
namespaceSelector:
matchNames:
- harbor
selector:
matchLabels:
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/component: metrics

22
clusters/cl01tl/manifests/harbor/ServiceMonitor-redis-replication-harbor.yaml
View File

@@ -1,22 +0,0 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: redis-replication-harbor
namespace: harbor
labels:
helm.sh/chart: redis-replication-1.0.4
app.kubernetes.io/version: "1.0.4"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis-replication-harbor
app.kubernetes.io/instance: harbor
app.kubernetes.io/part-of: harbor
spec:
selector:
matchLabels:
app: redis-replication-harbor
redis_setup_type: replication
role: replication
endpoints:
- port: redis-exporter
interval: 30s
scrapeTimeout: 10s

2
clusters/cl01tl/manifests/harbor/StatefulSet-harbor-trivy.yaml
View File

@@ -38,7 +38,7 @@ spec:
component: trivy component: trivy
app.kubernetes.io/component: trivy app.kubernetes.io/component: trivy
annotations: annotations:
checksum/secret: 250128fa6ba0856d5b333475a0e0eb2237ccbc18a4ce84a79d405061e651f71f checksum/secret: d401a2a9815cc5377e43ae9b0746c5c8bed3bbd03489e30594af98d56079f11f
spec: spec:
securityContext: securityContext:
runAsUser: 10000 runAsUser: 10000

129
clusters/cl01tl/manifests/harbor/StatefulSet-harbor-valkey.yaml Normal file
View File

@@ -0,0 +1,129 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: harbor-valkey
labels:
helm.sh/chart: valkey-0.9.3
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
app.kubernetes.io/version: "9.0.3"
app.kubernetes.io/managed-by: Helm
spec:
serviceName: harbor-valkey-headless
replicas: 3
podManagementPolicy: OrderedReady
selector:
matchLabels:
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
volumeClaimTemplates:
- metadata:
name: valkey-data
spec:
accessModes:
- ReadWriteOnce
storageClassName: "ceph-block"
resources:
requests:
storage: "1Gi"
template:
metadata:
labels:
app.kubernetes.io/name: valkey
app.kubernetes.io/instance: harbor
annotations:
checksum/initconfig: "0cad4b394241164de6b4d658a977be16"
spec:
automountServiceAccountToken: false
serviceAccountName: harbor-valkey
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
initContainers:
- name: harbor-valkey-init
image: docker.io/valkey/valkey:9.0.3
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
command: ["/scripts/init.sh"]
env:
- name: POD_INDEX
valueFrom:
fieldRef:
fieldPath: metadata.labels['apps.kubernetes.io/pod-index']
volumeMounts:
- name: valkey-data
mountPath: /data
- name: scripts
mountPath: /scripts
containers:
- name: harbor-valkey
image: docker.io/valkey/valkey:9.0.3
imagePullPolicy: IfNotPresent
command: ["valkey-server"]
args: ["/data/conf/valkey.conf"]
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
env:
- name: POD_INDEX
valueFrom:
fieldRef:
fieldPath: metadata.labels['apps.kubernetes.io/pod-index']
- name: VALKEY_LOGLEVEL
value: "notice"
ports:
- name: tcp
containerPort: 6379
protocol: TCP
startupProbe:
exec:
command: ["sh", "-c", "valkey-cli ping"]
livenessProbe:
exec:
command: ["sh", "-c", "valkey-cli ping"]
resources:
requests:
cpu: 10m
memory: 128Mi
volumeMounts:
- name: valkey-data
mountPath: /data
- name: metrics
image: ghcr.io/oliver006/redis_exporter:v1.81.0
imagePullPolicy: "IfNotPresent"
ports:
- name: metrics
containerPort: 9121
startupProbe:
tcpSocket:
port: metrics
livenessProbe:
tcpSocket:
port: metrics
readinessProbe:
httpGet:
path: /
port: metrics
resources:
requests:
cpu: 10m
memory: 64M
env:
- name: REDIS_ALIAS
value: harbor-valkey
volumes:
- name: scripts
configMap:
name: harbor-valkey-init-scripts
defaultMode: 0555